Starting the Server

Because I use SSH for authentication, I first needed to start the
svn server in tunnel (-t) mode on the system hosting
the repository. I could simply type this as the user svn:

% svnserve -t

However, that user would lose his prompt. You might be thinking, do this
instead:

% svnserve -t &

to start the service in the background. That is better; however, the service
is still attached to svn's shell, so the service will stop abruptly
if that shell ever closes. In this case, it is better to write a small
shell script owned by the user svn. I saved mine as
/usr/local/home/svn/repository/conf/svnserve.sh:

Simplifying User Authentication

Unless you configure a mechanism to cache your users' credentials, they will
receive authentication prompts every time they view or make a change to the
repository. Constant reauthentication can become very irritating very
quickly.

Because I'm using the svn+ssh access method, I chose to implement public key
authentication and use keychain to prevent the user from having to
constantly retype in their passphrase. (Read more about this process at the
IBM Developerworks article OpenSSH Key
Management, part 2, which introduced this utility.)

Here are the steps I used for the user devel1 who uses FreeBSD
as his desktop. First, I had him generate a public/private key pair using RSA
as the type (-t) of algorithm. (If you're rusty on encryption
algorithms, you may wish to read through Cryptographic
Terminology 101 first.)

% ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key
(/home/devel1/.ssh/id_rsa): /usr/home/devel1/.ssh/id_rsa
Enter passphrase (empty for no passphrase): type something long but memorable
Enter same passphrase again:
Your identification has been saved in /usr/home/devel1/.ssh/id_rsa.
Your public key has been saved in /usr/home/devel1/.ssh/id_rsa.pub.
The key fingerprint is:
f6:c2:51:ae:5c:17:91:57:53:c4:58:86:3f:5f:9a devel1@hostname.com

I then had devel1 copy over his new public key to his home
directory on the system hosting the repository; in this case, 10.1.1.1:

% scp ~/.ssh/id_rsa.pub 10.1.1.1:/usr/home/devel1/.ssh

Note: When you do this, make sure you copy over the key with the
.pub extension!

Before you can use that key, you have to append it to a file called
authorized_keys. This will require one last ssh into the
repository system using devel1's username and password: